Splunk® Enterprise

Dashboards and Visualizations

Download manual as PDF

Download topic as PDF

Cluster maps

Use the cluster map visualization to plot aggregated values on a map.

Viz ItalyMap3.png

Data formatting

To generate a cluster map, use the geostats command. The geostats command generates events that include latitude and longitude coordinates for markers. It is similar to the stats command, but provides options for zoom levels and cells for mapping.

For more information, see geostats in the Search Reference.

Configuration options

Use the Format menu to adjust the following cluster map components.

  • Tile appearance and source
  • Cluster marker appearance
  • Zoom on scroll behavior

Example

The following search generates a map showing California earthquakes of magnitude greater than 3 for the past 30 days.

index=main mag>3 | geostats latfield=latitude longfield=longitude count


Viz drilldownMap.png

When a user clicks on a cluster indicating earthquake data, a search launches using the latitude and longitude boundaries of that cluster.

index=main mag>3 | search latitude>=36.21094 latitude<36.56250 longitude>=-122.34375 longitude<-121.64062
PREVIOUS
Configure a Choropleth map
  NEXT
Use trellis layout to split visualizations

This documentation applies to the following versions of Splunk® Enterprise: 6.6.0, 6.6.1, 6.6.2, 6.6.3, 6.6.4, 7.0.0, 7.0.1


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters